Hi, I was thinking of buying a hardware firewall to go with my software firewall i do not own 2 PC's nor will i be sharing internet access with another PC i would just like the extra security of a hardware firewall. I am somewhat new to firewalls in general this will be my first hardware firewall & i do have a few questions. It it odd for someone who doesn't share an internet connection with another computer to own a router with a built in firewall? I have been looking at quite a few products & reviews to see what one would fit my needs i have settled on a decision. Perhaps someone can have a fast look at the spec's & features to see if this is a decent product for the $60 price tag. Thank you for your time. Brand: TRENDnet Model: TW100-BRV204 Link to picture & more info: http://www.newegg.com/Product/Product.asp?Item=N82E16833156028#sctNav *SPEC* Standards IEEE 802.3, IEEE 802.3u Protocols NAT, PPPoE, HTTP, DHCP, TCP/IP, UDP, PAP, CHAP, RIP1, DDNS Speed 10/100Mbps Security NAT firewall, Attack Alert (email) and log, SPI firewall for DoS attacks, URL Filter, Access Control, Local Password, MD5-HMAC/SHA1-HMAC authentication, DES-CBC, 3DES-CBC encryption, Internet Key Exchange, Manual Key Negotiation WAN Ports 1 x 10/100Mbps LAN Ports 3 x 10/100Mbps LEDs Unit: Power, Status LAN Ports/DMZ Port: Link/Act, 100 VPN IPSec, PPTP, L2TP (100 Sessions) DMZ Ports 1 x 10/100Mbps RJ-45 port Dimensions 5.5" x 3.9" x 1.1" Weight 12.8 oz. Temperature 0° to 40° C (32° to 104° F) Humidity 0 % - 80 % (non-condensing) *Features* Built-in 3 x 10/100Mbps Auto-MDIX Ports Built-in 1 x 10/100Mbps WAN Port and 1 x 10/100Mbps DMZ Port Supports Cable/DSL Modems with Dynamic IP, Static (Fixed) IP, PPPoE, PPTP, or L2TP Connection Types Compliant with Windows 95/98/ME/NT/2000/XP, Unix, and Mac System and DES/3DES Encryption Algorithm Supports up to 10 IPSec Tunnels Supports 100 (IPSec, L2TP, PPTP) Pass-Through Sessions Simultaneously (when each VPN client connects to a different VPN endpoint Supports PPTP 1 Server and 10 Clients (Microsoft VPN) VPN Connections Website Access Restriction using URL Keywords (50 entries) and Special Application Access Provides Virtual Servers(Port Forwarding) and Services Type Control with up to 60 Firewall Rules Provides Access Control with user define Services Types (70 entries) Provides Static Routing, Dynamic DNS Service, Hardware DMZ, and Software Multi-DMZ ALGs (Application Level Gateways) with Special Application Support (6 entries) and UPnP (Universal Plug & Play) Support Supports Network Address Translation (NAT/NAPT) and Stateful Packet Inspection (SPI) Firewall Real-Time Email Alert and Logs (Incoming, Outgoing, System, and VPN) Easy Web Browser (HTTP) Configuration and Remote Management (HTTPS) Flash Memory for Firmware Upgrade and Save/Restore Router Configuration

One firewall Software or hardware) is sufficient. Sorry, I do not check for private messages

"It it odd for someone who doesn't share an internet connection with another computer to own a router with a built in firewall? " No, not at all. In fact it makes perfect sense - it's less trouble on your part. I have a D-Link DI-604 (a wired only router) and I find the default firewall settings in the router are enough for me to not use a software firewall at all - it passes the Norton Internet Security online tests at the Symantec web site. I no longer have the hassle of always trying to figure out what to allow / not allow access. But I don't play games with others over the net, or download illegal music or movies. You may need to use more of the optional settings in the router configuration, or supplement it with a software firewall, if you do those things. Wireless connections are nowhere near as reliable as wired connections - in fact they can be downright flaky. Your wireless may work fine, or it is quite common that you may have problems with it. Most wireless routers also have wired ports, so if you have problems and don't really need to use wireless, you can connect to them. The router probably comes with one network cable. And wireless is a lot less secure. With a wireless router, if you use the wireless connections, you should set up the router to block all access except by wireless with your MAC address (each network device has a unique MAC address) and the MAC address of those those want to allow access within the range of your router, and you can also hide the ID you assign (the actual name escapes me at the moment)that is broadcast by the router to make it a lot harder for others with wireless access to find your router. I have a different Trendware wireless router model I got cheap at Xmas, but I haven't tried it yet. I haven't heard anything bad about Trendware stuff. I also have bought 4 D-Link DI-604's (wired), and they are excellent as far as I am concerned. D-Link has good manuals, decent help on their web site(s). As far as which wireless brand to buy, I've been told by others that have tried more than a few routers/wireless NI's that whether your wireless works properly for you is a crap shoot, and it doesn't seem to matter what the brand is, or how much you pay. I would suggest, though, that whatever brand you consider, you look around their web site to see whether their support information seems to be good, especially for the model you are thinking of buying, before you buy.

Thank you "Tubesandwires" for the fast response & adding additional information with your post. One thing i am now not sure of is this router in question the "TRENDnet TW100-BRV204" a wireless router or a wired router? i couldn't find out looking at the specs or the TRENDnet website, they do rank it under "Wired Routers" at their website. I am starting to think that a router can be both wired or wireless all you need is the wireless adapter is that true? I had planed on not going wireless before i made this post so i hope the one i want is not a wireless only router. I am glad you spent the extra time to explain more about these devices as i had no idea wireless & wired had different security issues. "I no longer have the hassle of always trying to figure out what to allow / not allow access." I feel the same for a basic user like me i have a hard time understanding what should be allowed & what should not be able to run. Most of the time i have to look at a search engine to find out what others say if it should gain access or not even then im not 100% sometimes. Plus i have difficulty understanding the "trust levels" & internet access & server access with zone alarm. Downloading & playing games online couldn't you open the port that these products need to run on the hardware firewall (if that is safe?) or is that what you meant when you said "You may need to use more of the optional settings in the router configuration, or supplement it with a software firewall, if you do those things." Last question is i keep hearing about "firmware" i have been trying to run it on search engines to figure it out but most of the time i find searches unrelated to what im looking for. It must have something to do with the router but i cant seem to find out anything else on it. One router review writes "The current version is version 2 and running updated firmware is recommended." Thanks.

My basic $0.02, and answers to some of your concerns: Any NAT router makes a solid hardware firewall--unsolicited traffic is dropped cold, and as T&W says it's really less trouble on your part than running a software firewall. However, consumer models will not monitor outgoing traffic for suspicious activities--they will treat outgoing connections initiated by viruses and spyware/malware as courteously as any legitimate connection. You won't be prompted to authorize a mass-mailing worm's spamming activities as you might with a software firewall. I don't think it's odd to use a firewall/router on a network with a single client machine. I use a cheapo FVS114 VPN firewall with my cable connection, and I only have one machine that needs internet access. It gives me some basic protection, and it doesn't require any maintenance. The VPN firewall you linked is actually a capable little box. My favorite feature is the multiple VPN passthrough, something you don't always find even on more expensive models. It's small, very reliable, has decent throughput, and is very configurable. The only drawback for me is that it has 3 LAN ports rather than the 4 or more you'd expect from most other offerings. Wireless: Most home wireless routers offer both wired and wireless connectivity. You can also disable the built-in wireless radio completely on most models. The only drawback I've experienced with home wireless routers is that they can often be less reliable than a wired router + separate wireless access point. Quick $0.02: T&W mentioned disabling the ESSID broadcast and using MAC address filtering to secure a wireless access point. I disagree. This only discourages the most casual of users from associating with your access point. Use WPA-PSK or better with strong keys to secure your wireless. Anything less is, IMHO, foolish. Online gaming: yes, you will have to forward ports or use UPnP to play some online games, operate a publicly-available server, or use many types of filesharing. No biggie. Firmware: Software or code stored in programmable read-only memory. This code is flashed into the PROM at the factory, but the manufacturer can periodically release newer code that can be flashed by the end user. A router's operations can be upgraded by updating the firmware--bugs can be ironed out, new features added, etc. As a router's firmware matures, the router normally becomes more reliable and possibly more capable. Updating the firmware on a router is not mandatory, especially if the user experiences no problems, but it's often beneficial. I like to upgrade my firmware as updates become available. "If it ain't broke, upgrade anyway."

I looked at the model you mentioned. It is definately a wired only model TW100-BRV204 http://www.trendware.com/en/products/TW100-BRV304.htm "Features Built-in 3 x 10/100Mbps Auto-MDIX Ports Built-in 1 x 10/100Mbps WAN Port and 1 x 10/100Mbps DMZ Port" So that means it has 4 wired RJ45 network cable ports, one of which can use DMZ for playing games with others over the internet, and 1 wired WAN RJ45 network cable port. If you look at the pictures of the back of the router there are 4 ports next to each other, another one separated by a small space (the WAN port). "Standards: IEEE 802.3 (10-Base T) 802.3u (100-Base TX)" Those are the standards for the above wired ports. All routers that do not have ADSL or DSL built in have a separate WAN wired port, to connect to your internet "modem" via a network cable. Both wired and wireless routers are sometimes available as a combo unit with ADSL or DSL built in - that is, a telephone port is connected to a telephone cable and the internet "modem" is built into the router. They do not need a separate WAN RJ45 port, but sometimes the telephone port on such combo routers is labelled WAN. ....... The one I have - TEW-432BRP - a wireless router http://www.trendware.com/en/products/TEW-432BRP.htm "Features Wi-Fi Compliant with IEEE 802.11g and 802.11b Devices" These are two of the standards for wireless. "Built-in 4 x 10/100Mbps Auto-MDIX LAN Ports Built-in 1 x 10/100Mbps Auto-MDIX WAN Port (Internet)" These are the wired ports, for the same standards as the one you were looking at. So it has both wired ports, and wireless support. "Standards Wired: IEEE 802.3 (10Base-T), IEEE 802.3u (100Base-TX), ANSI/IEEE 802.3 Auto Negotiation Wireless: IEEE 802.11b (11Mbps), IEEE 802.11g (54Mbps)" Most wireless routers use both IEEE 802.11b (11Mbps), and IEEE 802.11g (54Mbps). They will connect to IEEE 802.11b or IEEE 802.11g network adapters - the card or USB device that links the router and the computer - for maximum speed they should support 802.11g but that only applies for data transfer between computers - 802.11b is plenty good enough for the internet. ....... The fastest wireless these days is double the 54mbps rate of 802.11g - 108mbps. Trendware doesn't have such a model, but some others do, such as this D-Link example. D-Link AirPremierTM AG DI-784 802.11a/g Dualband Wireless Router. http://www.dlink.com/products/?sec=3&pid=299 Wireless 802.11b and 802.11g use 2.4ghz to broadcast the data; 802.11a uses 5ghz to broadcast the data. 802.11a has actually been around for longer than 802.11b and 802.11g, but it was only used on much more expensive routers marketed to big business until recently. The advantage of 802.11a is your can transfer data between computers at up to 108mbps, and it is much less likely for other devices to interfere with your wireless connection because it uses 5ghz. The disadvantage is the physical range over which you can reliably connect to 802.11a is smaller, that is, the farthest network adapter or other wireless device must be closer to the router than for 802.11b and 802.11g. That isn't of much concern for home users because the range is usually good enough. There are a lot more other devices that use the same 2.4ghz that 802.11b and 802.11g use than use 5ghz - wireless phones, cell phones, many other things - and sometimes having other devices that use that frequency close by will result in your 802.11b and 802.11g connection being flaky. That may or may not apply to a home user, but if it does, you are better off using 802.11a.

I have very little experience setting up wireless and user settings in a wireless routers configuration. The two that I did set up are no longer using the wireless capabilities. Firmware is programming instructions data that is stored in a chip, either a non-flashable or a flashable one, that tells hardware - other chips on the device - what to do with incoming/outgoing data, and how to do it. A computer bios is also firmware, and some mboard vendors such as Intel call it that. If you can update the firmware or install the same or older firmware again easily using a software program, the chip the firmware is stored on is flashable, that is, it's data contents can be changed. Firmware implies the data on the chip is read only - it stays there even if the power to the chip is removed. However, in some cases, if you can configure custom user settings, the chip also has the ability to store those settings, and those settings may require the chip be supplied power all the time to retain the custom settings. e.g. a computer bios, a router, a high speed internet "modem" has a chip that has both firmware and user settings. For a computer, the user settings are lost if you remove the mboard battery on a desktop computer (on a modern laptops, some user settings are stored on a separate chip that retains the settings even if the chip is not powered). For a router, high speed internet "modem", the custom settings are not lost if the power is removed. CD drives and video cards have firmware - on the old ones you can't update the firmware; on newer ones you often can, but there are no user settings.